Single DNS Domain with Internet Connection and Separate Gateway
Although the previous section describes a completely valid sendmail configuration, it is often desirable to separate the function of the mail hub from the mail gateway. This separation enables you to put the mail hub inside a protective firewall, shielding it from direct attacks on sendmail. You would put the gateway on the firewall's DMZ network (preferred) or outside the firewall. In this way, you can monitor any attacks on the gateway. If compromised, the gateway has only its sendmail configuration file stored on it.
The following example still uses the starlight.com domain with three sendmail configuration files to implement this change.
One for the gateway named gw.starlight.com ...
Get Solaris™ 8 Advanced System Administrator's Guide, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
